I was playing with the password generator...
I created a master list of passwords on that page. I noticed the browser path didn't have a lock or an "HTTPS". How secure is this process if it's not encrypted?
Because it doesn't pass any data back to the server, theres no need for SSL on the connection. You can prove this to yourself either with a packet sniffer or by just saving the page locally and opening it while disconnected from the internet.
Also see here